Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/shDcGtExXoE5K8Kv3NRkc7vuo_M.roa
File: shDcGtExXoE5K8Kv3NRkc7vuo_M.roa (raw, json)
Hash identifier: UCE7+3nXcR2xm8e6yJXYt+2WdHcyRMg3rBawKw59y1c=
Subject key identifier: B2:10:DC:1A:D1:31:5E:81:39:2B:C2:AF:DC:D4:64:73:BB:EE:A3:F3
Certificate issuer: /CN=37d27fc24443fcdd4b1b65cfc8078c4a14289f9e
Certificate serial: 0983D745
Authority key identifier: 37:D2:7F:C2:44:43:FC:DD:4B:1B:65:CF:C8:07:8C:4A:14:28:9F:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N9J_wkRD_N1LG2XPyAeMShQon54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/shDcGtExXoE5K8Kv3NRkc7vuo_M.roa
Signing time: Sat 01 Jan 2022 16:05:39 +0000
ROA not before: Sat 01 Jan 2022 16:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203576
IP address blocks: 5.252.98.0/24 maxlen: 32
5.252.97.0/24 maxlen: 32
5.252.96.0/24 maxlen: 32
5.252.99.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159635269 (0x983d745)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37d27fc24443fcdd4b1b65cfc8078c4a14289f9e
Validity
Not Before: Jan 1 16:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b210dc1ad1315e81392bc2afdcd46473bbeea3f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d9:29:7b:d4:f4:f9:44:f8:c3:7c:7d:7a:70:
aa:8d:d4:38:82:81:b7:37:39:58:ea:09:fc:20:ab:
65:02:bc:82:6e:48:1a:6f:6e:ef:e0:66:e3:1e:09:
30:fb:4b:a5:1a:06:60:08:04:39:fc:ea:df:95:99:
78:6f:2a:44:eb:e0:7a:b1:79:5f:2d:40:74:fb:69:
18:00:ca:48:c4:4e:b7:7d:b5:b7:65:56:91:70:69:
1d:98:42:41:f0:9e:7b:58:d8:48:30:c9:30:01:57:
54:14:9f:b9:29:31:ad:7b:f7:76:45:d5:5d:df:27:
f5:46:ce:5b:6f:f8:cf:db:d4:5e:84:10:66:0d:6c:
1d:e7:c8:fb:74:60:ca:29:16:28:13:29:25:42:b2:
92:6a:36:1e:f4:12:4e:3e:c0:20:a5:c3:c8:bd:0b:
f6:f9:1d:55:e1:f7:13:9c:ba:ee:23:a3:dc:f2:d7:
7a:a3:99:d4:e5:8a:7b:f6:1a:55:c1:9a:ff:72:1e:
4d:95:9b:6a:9e:63:eb:38:c6:53:fc:1c:21:46:7b:
ee:e3:1d:4b:a2:19:83:bb:e7:34:f1:f0:0f:2b:df:
cb:91:8f:aa:ad:b7:5b:94:68:2f:f8:28:b0:09:51:
61:d5:bf:60:24:51:10:b3:b8:18:9a:10:28:2d:44:
fb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:10:DC:1A:D1:31:5E:81:39:2B:C2:AF:DC:D4:64:73:BB:EE:A3:F3
X509v3 Authority Key Identifier:
keyid:37:D2:7F:C2:44:43:FC:DD:4B:1B:65:CF:C8:07:8C:4A:14:28:9F:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N9J_wkRD_N1LG2XPyAeMShQon54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/shDcGtExXoE5K8Kv3NRkc7vuo_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/N9J_wkRD_N1LG2XPyAeMShQon54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.96.0/22
Signature Algorithm: sha256WithRSAEncryption
60:7e:d0:02:d8:a0:ef:44:3c:09:f8:57:74:06:3e:b9:47:01:
b0:73:00:e2:78:e6:64:94:48:30:fa:79:a5:d0:cd:ac:31:81:
72:bd:ab:4b:97:4f:41:b6:a8:dc:c6:3f:73:c1:46:85:d1:e1:
d6:b1:2b:f3:eb:7d:da:db:81:e0:af:bc:71:fe:58:59:c5:07:
e6:7a:ed:30:60:e6:7e:ca:19:8a:99:27:14:a0:bb:b1:c7:79:
09:a2:c1:1f:68:71:ae:75:d0:cf:5b:11:72:b2:5a:b3:90:b0:
0e:0b:2a:5d:c5:0e:ee:f8:f9:8c:37:00:be:e0:c8:4c:58:e9:
08:dc:3c:31:c9:ec:0f:ac:fb:54:71:11:81:c7:3c:00:d0:37:
b4:b4:b5:0e:46:8f:fd:58:f6:bb:2c:59:25:9e:c4:a2:bd:8c:
54:5d:bc:d1:fd:94:f7:9b:16:47:2f:f1:7b:d8:e6:bb:7a:3c:
da:98:09:c7:ab:ae:68:7d:68:de:98:19:97:02:b5:dd:de:c8:
95:30:6b:8a:b6:87:4f:90:df:78:b6:a4:26:60:06:be:4c:3a:
af:3b:ac:51:3b:64:48:98:54:bd:d0:55:c0:c7:59:ed:62:64:
2c:38:30:3e:00:0a:95:09:0e:9d:70:c0:4d:b8:00:cf:80:6e:
f6:24:28:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECYPXRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
N2QyN2ZjMjQ0NDNmY2RkNGIxYjY1Y2ZjODA3OGM0YTE0Mjg5ZjllMB4XDTIyMDEw
MTE2MDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjIxMGRjMWFkMTMx
NWU4MTM5MmJjMmFmZGNkNDY0NzNiYmVlYTNmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPZKXvU9PlE+MN8fXpwqo3UOIKBtzc5WOoJ/CCrZQK8gm5I
Gm9u7+Bm4x4JMPtLpRoGYAgEOfzq35WZeG8qROvgerF5Xy1AdPtpGADKSMROt321
t2VWkXBpHZhCQfCee1jYSDDJMAFXVBSfuSkxrXv3dkXVXd8n9UbOW2/4z9vUXoQQ
Zg1sHefI+3RgyikWKBMpJUKykmo2HvQSTj7AIKXDyL0L9vkdVeH3E5y67iOj3PLX
eqOZ1OWKe/YaVcGa/3IeTZWbap5j6zjGU/wcIUZ77uMdS6IZg7vnNPHwDyvfy5GP
qq23W5RoL/gosAlRYdW/YCRRELO4GJoQKC1E+/cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSyENwa0TFegTkrwq/c1GRzu+6j8zAfBgNVHSMEGDAWgBQ30n/CREP83Usb
Zc/IB4xKFCifnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L045Sl93a1JEX04xTEcyWFB5QWVNU2hRb241NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvZDhjNThkLThkMjQtNDI4MC05MWZkLTQ4YjE2NjRkNDBkNS8x
L3NoRGNHdEV4WG9FNUs4S3YzTlJrYzd2dW9fTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ZDhjNThkLThkMjQtNDI4MC05MWZkLTQ4YjE2NjRkNDBkNS8xL045Sl93a1JEX04x
TEcyWFB5QWVNU2hRb241NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgX8YDANBgkqhkiG9w0BAQsFAAOC
AQEAYH7QAtig70Q8CfhXdAY+uUcBsHMA4njmZJRIMPp5pdDNrDGBcr2rS5dPQbao
3MY/c8FGhdHh1rEr8+t92tuB4K+8cf5YWcUH5nrtMGDmfsoZipknFKC7scd5CaLB
H2hxrnXQz1sRcrJas5CwDgsqXcUO7vj5jDcAvuDITFjpCNw8McnsD6z7VHERgcc8
ANA3tLS1DkaP/Vj2uyxZJZ7Eor2MVF280f2U95sWRy/xe9jmu3o82pgJx6uuaH1o
3pgZlwK13d7IlTBriraHT5DfeLakJmAGvkw6rzusUTtkSJhUvdBVwMdZ7WJkLDgw
PgAKlQkOnXDATbgAz4Bu9iQoJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org